Digital tools and interventions are changing the way the development sector works. But any organisation that uses data also has a responsibility to protect the people it talks to or connects online.

And for those like Girl Effect that work with children and young people, there are even more safety and privacy issues to be navigated.

A new set of guidelines from Girl Effect shares practical tips and advice on safeguarding in the digital era. Digital safeguarding tips and guidance is based on our own experiences and learnings about digital safety along with new practices that Girl Effect is adopting to meet privacy legislation, including the General Data Protection Regulations (GDPR).

Read on for ten ways to keep children and young people safe online:

1. Design for safety. All Girl Effect brands, products and partnerships are created to keep users safe from the very start.

2. Design for privacy. For online apps, communities and other interventions settings should default automatically to the most private option. Make sure users know they can delete their photos, comments and information at any time.

3. Make consent opt-in. Never design tools where consent is opt-out or assumed (eg ‘by using this product you agree to…’).

4. Consent should tell the user clearly what information is being collected, by whom, how and for what purpose, how it will be shared, what effect it may have, how long it will be stored, and what rights users have around their data.

5. Be aware the legal age of consent to data processing varies across the globe. In the EU, for example, the age is set at 16 but countries can change this to as low as 13, such as in the UK. Girl Effect’s blanket policy is to secure consent from the parent or guardian of anybody under the age of 18, but this can be adjusted depending on the context.

6. Ask for consent more than once if the data is sensitive. For audio or video content around sensitive subjects, we ask for consent again at the end of the process to make sure interviewees understand and still agree to us using their data.

7. Improve privacy and security by anonymising or pseudonymising data. But be aware of the difference between the two. Anonymous data can’t be traced back to the source, pseudonymised data can.

8. When attempting to anonymise data, watch out for patterns in the data that might reveal its source. For example, a woman in a small village with 12 children and two sets of twins may be easy to identify locally if the village is named.

9. Know the rights of the people whose data you are collecting. The report outlines data subject rights in full.